ZDI-25-020: Apple macOS libFontValidation post Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the libFontValidation library is required to exploit this...
ZDI-25-021: Apple macOS libFontValidation Font Glyph Flags Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the libFontValidation library is required to exploit this...
ZDI-25-022: Apple macOS libFontValidation Font Glyph YCoordinate Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the libFontValidation library is required to exploit this...
ZDI-25-023: Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code...
ZDI-25-024: Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code...
ZDI-25-025: Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code...
Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Ivanti Products, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based...
USN-7193-1: Thunderbird vulnerability
Masato Kinugawa discovered that Thunderbird did not properly validate the CSP policy in the Web Compatibility extension. An attacker could potentially exploit this issue to...
USN-7192-1: xfpt vulnerability
It was discovered that xfpt did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file, an...
USN-7191-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to...
